da00ee0ca5
license: tighten BSL terms (Florida venue, full Pi Day Change Date, no contributions)
...
Rewrite of the BSL 1.1 LICENSE to fix lawyer-grade gaps and align
the parameters with the project's actual posture:
Licensor + copyright
- Licensor name: "Shankar Kambam" (correct legal name; was "Shankar
Reddy" — same operator, different surname).
- © marker: "© 2026 Shankar Kambam" (was "(c)" placeholder).
Additional Use Grant — sharper Commercial Certificate Service test
- Replaces the old "running a cert service for non-affiliated third
parties" wording with a principal-value test: a CCS is a product
whose principal value to the third party is certctl's certificate
management functionality (lifecycle, discovery, monitoring,
alerting, renewal automation, deployment, revocation) AND the
third party accesses or controls that functionality AND
compensation flows for that access/control.
- Carve-out (a): explicitly permits running certctl in production
to manage certs for products whose principal value is something
ELSE (e.g. a banking app using certctl for its TLS certs).
- Carve-out (b): "third party" excludes employees, contractors
acting on the licensee's behalf, and Affiliates (>50% common
voting control). Closes the "internal IT department is a third
party" attack on the wording.
- Carve-out (c): the CCS restriction applies regardless of whether
certctl is hosted, managed, embedded, bundled, or integrated
with another product — closes the embedded-OEM loophole.
Change Date — full per-version 4-year BSL period
- Was: March 14, 2126 (a fixed date 100+ years out, defeating the
"earlier of <Change Date> or 4 years from first publication"
semantics — the 4-year cap always won, no version got the full
4-year window).
- Now: March 14, 2076 (Pi Day, ~50 years out). This is the longest
acceptable horizon under the BSL spirit while ensuring every
released version gets its full 4-year BSL period before flipping
to Apache-2.0.
Contributions — no third-party contributions accepted
- Adds an explicit "Licensor does not accept third-party
contributions" clause. Any code/docs submitted are at the
submitter's sole risk, confer no rights, and are not incorporated.
Mirrors the project's reality (no PR review process, single-owner
development).
Patent non-assertion + defensive termination
- Adds a non-assertion covenant covering compliant uses, with
termination of that covenant if the licensee initiates patent
litigation against the Licensor or contributors. Standard BSL
posture, was missing.
Termination + reinstatement
- 30-day cure window for first violation; second violation after
reinstatement is permanent. Aligns with BSL norm.
Governing law + venue
- State of Florida, USA. Operator's residence; aligns dispute
forum with the Licensor's actual jurisdiction.
Severability + survival
- Standard boilerplate added. Ensures the disclaimer-of-warranty,
patent non-assertion (for pre-termination acts), and
governing-law clauses survive any termination.
Stripped
- Dead "(certctl is not a registered trademark)" parenthetical —
the trademark filing is a separate workstream, not licensing.
Contact for alternative arrangements: certctl@proton.me
(unchanged).
2026-05-02 17:12:50 +00:00
75cf8475f5
tighten BSL license scope, fix documentation underselling shipped features
...
Broadened BSL Additional Use Grant from "hosted or managed service" to cover
any commercial offering (embedded, bundled, integrated). Updated README to
promote all shipped connectors from Beta to Implemented, added EST/ARI/S/MIME
highlight, Helm quickstart, and corrected license description. Fixed
connectors.md stale claims (AWS ACM PCA listed as planned, K8s Secrets
listed as coming soon) and updated overview with exact connector counts.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-04-15 15:54:03 -04:00
shankar0123